Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
to me its B, the most important is the scope of the audit, the value it brings, is it sufficient to what the organization need inorder to call or even perform an actual audit. The requirement of disk size we can adjust as we needed, it can only be used to support the content of the information that the application can gather.
C, the keyword is "Capabilities". Remember the CIA, this question is about availability, not integrity. It would have been B if it was about the accuracy of the application.
Though both are important, but if can only choose 1 option, then B is more important. Cos if audit records do not contain sufficient information, then no matter how much storage alloacted also no use. Hence B is more correct.
Not applicable now. None of these questions came up during my exam last Tuesday (April 2, 2024). Use the questions as guide in learning but don't depend that these will come up in the exam
Because the primary purpose of an audit is to provide a RECORD OF ACTIVITIES that can be used to identify and investigate suspicious or inappropriate activities. If the audit records do not contain sufficient information, it would be difficult to achieve this goal.
So is the B or C the correct answer? I would say B if I was sitting for the test. But with this picking C as the correct answer, it's causing unwanted doubt.
I will pick B for answer. In domain 7, it says some audit examples including inspection audits, access review audits, user entitlement audits etc.The required information for each type of audit may different. The information is not ONLY referred to the audit log of an application. The audit record could be the company rules or even a physical log sheet paper of the data center. So sufficient information is most important. Answer C may be the second best but it is limited for the digit audit logs.
Meant to say I'm going with B. So my previous comment should read as...
Going with B. The textbook focuses on auditing capabilities requiring sufficient information.
CISSP AIO Exam Guide: Ninth Edition pg. 741-743
The question is asking specifically about the audit capability of the APPLICATION, as opposed to the effectiveness of an audit record. You cannot consider the content of the audit log if the application cannot capture and STORE logs FIRST. Of course audit log content will drive size allocation but the question was asking about the APPLICATION.
C doesnt imply the app cant store ANY log. Moreover, what's the point of having plenty of audit log storage place if the logs themselves don't have anything of value? B is obviously the right answer. You can have terabytes of audit log space but if they only capture useless crap the audit capabilities are crap as well. BBBB.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Want to SAVE BIG on Certification Exam Prep?
zo24
Highly Voted 8 months, 1 week agoaape1
Highly Voted 9 months, 1 week agoRamye
Most Recent 2 weeks, 5 days agopigon
1 month, 3 weeks agoap0ls
3 months agof270069
5 days, 5 hours ago3008
3 months, 2 weeks agoAZSID
4 months agoKyanka
4 months agoSKainth
4 months, 3 weeks agoTashT13
5 months agoJoeandHeidi
10 months, 2 weeks agowingcheuk
1 year agovorozco
1 year agoRamye
2 weeks, 5 days agoCPT_Pepper
1 year, 1 month agodumdada
1 year, 1 month agoKelvinYau
1 year, 1 month agojackdryan
1 year, 2 months agoNJALPHA
1 year, 3 months agojackdryan
1 year, 2 months ago